def __init__(self, iface, bpf_filter):
self.__iface = iface
self.__bpf_filter = bpf_filter
self.__workers_list = None
self.__mgr = Manager(self.__iface, self.data_handler,
self.event_handler)
self.__look_for_workers()
self.__assign_channels()
self.__start_workers_interfaces()
def __init__(self, iface_name):
self.__iface_name = iface_name
self.__bpf_filter = "type mgt subtype probe-req"
print "Starting wiwo manager..."
self.__mgr = Manager(self.__iface_name, self.frame_handler,
self.event_handler)
self.__look_for_workers()
if len(self.__workers_list) == 0:
raise NoWorkersException
self.__assign_channels()
self.__start_workers_interfaces()
def __init__(self, iface, bpf_filter):
self.__iface = iface
self.__bpf_filter = bpf_filter
self.__workers_list = None
self.__mgr = Manager(self.__iface, self.data_handler, self.event_handler)
self.__look_for_workers()
self.__assign_channels()
self.__start_workers_interfaces()
def __init__(self, iface_name):
self.__iface_name = iface_name
self.__bpf_filter = "type mgt subtype probe-req"
print "Starting wiwo manager..."
self.__mgr = Manager(self.__iface_name, self.frame_handler, self.event_handler)
self.__look_for_workers()
if len(self.__workers_list) == 0:
raise NoWorkersException
self.__assign_channels()
self.__start_workers_interfaces()
class Injector(object):
"""
Represents a class that process dns queries and send fake dns responses.
"""
MTU = 7981
TIMEOUT = 100 # in milliseconds
def __init__(self, iface_name):
self.__iface_name = iface_name
self.__bpf_filter = "type mgt subtype probe-req"
print "Starting wiwo manager..."
self.__mgr = Manager(self.__iface_name, self.frame_handler, self.event_handler)
self.__look_for_workers()
if len(self.__workers_list) == 0:
raise NoWorkersException
self.__assign_channels()
self.__start_workers_interfaces()
def __look_for_workers(self):
"""
It looks for available workers.
"""
print "Looking for workers..."
self.__mgr.announce_to_worker()
time.sleep(10) # Require to receive the list of workers. This should be fix on the manager code.
self.__workers_list = self.__mgr.get_workers()
print "Found %d workers." % len(self.__workers_list)
def __assign_channels(self):
"""
Method that prints information from the available workers.
"""
available_channels = self._get_supported_channels_set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
for channel in interface.supported_channels():
if channel in available_channels:
print "Setting %s interface of worker %s to channel %d" % (interface.name(),
worker.mac_address(),
channel)
available_channels.discard(channel)
self.__mgr.set_channel_to_worker_interface(worker.raw_mac_address(),
interface.name(),
channel)
break
def _get_supported_channels_set(self):
"""
Method that returns a set with all supported channels for all available workers.
"""
supported_channels = set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
supported_channels.update(interface.supported_channels())
return set(sorted(supported_channels))
def __start_workers_interfaces(self):
"""
Method that stops monitoring on every available worker.
"""
for worker in self.__workers_list:
for interface in worker.interfaces_list():
self.__mgr.start_worker_interface(worker.raw_mac_address(), interface.name(), self.__bpf_filter)
def __stop_workers(self):
"""
It stops monitoring wireless traffic on every interface of all the workers.
"""
for worker in self.__workers_list:
self.__mgr.stop_worker_interfaces(worker.raw_mac_address())
def stop(self):
"""
Stop workers and manager.
"""
self.__stop_workers()
time.sleep(30) # Wait for 30 seconds until all workers have stopped.
self.__mgr.stop_receiver_processes()
def frame_handler(self, manager, worker_addr, frame_data):
"""
Inject probe response frames for every probe request frame.
"""
decoder = RadioTapDecoder()
decoder.decode(frame_data)
management_frame = decoder.get_protocol(dot11.Dot11ManagementFrame)
probe_req_frame = decoder.get_protocol(dot11.Dot11ManagementProbeRequest)
if not probe_req_frame:
return
ssid = probe_req_frame.get_ssid()
if not ssid: # Ignore broadcast SSID
return
station_address = management_frame.get_source_address()
print "Station: %s" % ":".join(map(lambda i: "%02X" % i, station_address))
print "SSID: %s" % ssid
frame = str()
# Radiotap
frame += "\x00\x00" # Version
frame += "\x0b\x00" # Header Length
frame += "\x04\x0c\x00\x00" # Presence Flags
frame += "\x6c" # Rate
frame += "\x0c" # TX Power
frame += "\x01" # Antenna
# Management Frame
frame += "\x50\x00" # Frame Control
frame += "\x31\x01" # Duration
frame += "".join(chr(i) for i in station_address) # Destination Address
frame += "\x00\xde\xad\xbe\xef\x00" # Source Address
frame += "\x00\xde\xad\xbe\xef\x00" # BSSID Address
frame += "\x00\x00" # Sequence Control
frame += "\x00\x00\x00\x00\x00\x00\x00\x00" # Timestamp
frame += "\x64\x00" # Beacon Interval
frame += "\x01\x04" # Capabilities
frame += "\x00%s%s" % (struct.pack("B", len(ssid)), ssid) # SSID
frame += "\x01\x08\x82\x84\x8b\x96\x24\x30\x48\x6c" # Supported Rates
frame += "\x03\x01\x0e" # DS parameter set
frame += "\xdd\x06\xfa\xfa\xfa\x00\xde\xad" # Vendor Specific
workers = manager.get_workers()
for worker in workers:
if worker.raw_mac_address() == worker_addr:
break
for iface in worker.interfaces_list():
manager.inject_data_from_worker_interface(worker.raw_mac_address(), iface.name(), frame)
def event_handler(self, event):
"""
Ignore Wiwo events.
"""
pass
pass
if __name__ == "__main__":
# Check root (linux) and command line arguments.
if not initial_checks():
sys.exit(-1)
iface_name = sys.argv[1]
# Check if iface_name is a valid interface name.
if iface_name not in pcapy.findalldevs():
show_usage()
sys.exit(-1)
mgr = None
try:
mgr = Manager(iface_name, data_handler, event_handler)
# Stop all the workers.
print "Stopping all the workers using broadcast..."
mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(5)
except KeyboardInterrupt:
print " Caught CTRL+C."
finally:
print "Stopping..."
if mgr:
stop(mgr)
def __init__(self, iface):
self.__iface = iface
self.__workers_list = None
# Create a Manager instance.
self.__mgr = Manager(self.__iface, self._data_handler, self._event_handler)
class BasicExample(object):
"""
Basic example of how to use Wiwo manager.
"""
def __init__(self, iface):
self.__iface = iface
self.__workers_list = None
# Create a Manager instance.
self.__mgr = Manager(self.__iface, self._data_handler, self._event_handler)
def stop(self):
"""
Method that stops the Manager instance the way it should be done. This object has several python vm instances
running simultaneous. It also stops all the workers.
"""
self.__mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(40)
self.__mgr.stop_receiver_processes()
def get_workers(self):
"""
Method that gets available workers.
"""
self.__mgr.announce_to_worker()
time.sleep(2)
self.__workers_list = self.__mgr.get_workers()
print "Found %d workers." % len(self.__workers_list)
def show_workers_information(self):
"""
Method that prints information from the available workers.
"""
for worker in self.__workers_list:
print " * %s" % worker.mac_address()
for interface in worker.interfaces_list():
print "\t+ %s (%s) - Channel: %d - Supported Channels: %r" % (interface.name(),
interface.protocol(),
interface.channel(),
interface.supported_channels())
def set_channels(self):
"""
Method that prints information from the available workers.
"""
available_channels = self._get_supported_channels_set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
for channel in interface.supported_channels():
if channel in available_channels:
print "Setting %s interface of worker %s to channel %d" % (interface.name(),
worker.mac_address(),
channel)
available_channels.discard(channel)
self.__mgr.set_channel_to_worker_interface(worker.raw_mac_address(),
interface.name(),
channel)
break
def _get_supported_channels_set(self):
"""
Method that returns a set with all supported channels for all available workers.
"""
supported_channels = set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
supported_channels.update(interface.supported_channels())
return set(sorted(supported_channels))
def start_workers(self, bpf_filter):
"""
Method that starts monitoring with every available worker using a specific bpf filter.
"""
for worker in self.__workers_list:
for interface in worker.interfaces_list():
self.__mgr.start_worker_interface(worker.raw_mac_address(), interface.name(), bpf_filter)
def _event_handler(self, event):
"""
Method that handle events from the Manager. This is a callback method.
"""
pass
# print "Received Event: %r" % event
def _data_handler(self, manager, worker, frame_data):
"""
Method that handle the data frames from the Manager. This is a callback method.
"""
# print "Received Frame from worker %s" % worker
# print repr(frame_data)
print ".",
class WiwoManager:
"""
Class that handles Wiwo workers.
"""
def __init__(self, iface, bpf_filter):
self.__iface = iface
self.__bpf_filter = bpf_filter
self.__workers_list = None
self.__mgr = Manager(self.__iface, self.data_handler,
self.event_handler)
self.__look_for_workers()
self.__assign_channels()
self.__start_workers_interfaces()
def data_handler(self, manager, mac, frame):
"""
It handles all the Wiwo's data frame.
"""
apis_list = api_dict.values()
for api in apis_list:
api.process(mac, frame)
def event_handler(self, event):
"""
It handles the Wiwo manager's event.
"""
pass
def __look_for_workers(self):
"""
It Looks for available workers.
"""
print "Looking for workers..."
self.__mgr.announce_to_worker("\xFF\xFF\xFF\xFF\xFF\xFF")
time.sleep(
10
) # Require to receive the list of workers. This should be fix on the manager code.
self.__workers_list = self.__mgr.get_workers()
print "Found %d workers." % len(self.__workers_list)
def __assign_channels(self):
"""
Method that prints information from the available workers.
"""
available_channels = self._get_supported_channels_set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
for channel in interface.supported_channels():
if channel in available_channels:
print "Setting %s interface of worker %s to channel %d" % (
interface.name(), worker.mac_address(), channel)
available_channels.discard(channel)
self.__mgr.set_channel_to_worker_interface(
worker.raw_mac_address(), interface.name(),
channel)
break
def _get_supported_channels_set(self):
"""
Method that returns a set with all supported channels for all available workers.
"""
supported_channels = set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
supported_channels.update(interface.supported_channels())
return set(sorted(supported_channels))
def __start_workers_interfaces(self):
"""
Method that stops monitoring on every available worker.
"""
for worker in self.__workers_list:
for interface in worker.interfaces_list():
self.__mgr.start_worker_interface(worker.raw_mac_address(),
interface.name(),
self.__bpf_filter)
def stop(self):
"""
It stops workes and processes.
"""
self.__mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(40)
self.__mgr.stop_receiver_processes()
if __name__ == '__main__':
# Check root (linux) and command line arguments.
if not initial_checks():
sys.exit(-1)
iface_name = sys.argv[1]
# Check if iface_name is a valid interface name.
if iface_name not in pcapy.findalldevs():
show_usage()
sys.exit(-1)
mgr = None
try:
mgr = Manager(iface_name, data_handler, event_handler)
send_broadcast_announce(mgr)
while True:
os.system('cls' if os.name == 'nt' else 'clear')
print 'Wiwo Manager'
print '------------\n'
print 'Interface: %s' % iface_name
print 'MAC Address: %s' % interface.get_string_mac_address(
iface_name)
strs = (" 1. List workers\n"
" 2. Send broadcast announce\n"
" 3. Set channel to worker's interface\n"
pass
if __name__ == "__main__":
# Check root (linux) and command line arguments.
if not initial_checks():
sys.exit(-1)
iface_name = sys.argv[1]
# Check if iface_name is a valid interface name.
if iface_name not in pcapy.findalldevs():
show_usage()
sys.exit(-1)
mgr = None
try:
mgr = Manager(iface_name, data_handler, event_handler)
# Stop all the workers.
print "Stopping all the workers using broadcast..."
mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(5)
except KeyboardInterrupt:
print " Caught CTRL+C."
finally:
print "Stopping..."
if mgr:
stop(mgr)
class WiwoManager:
"""
Class that handles Wiwo workers.
"""
def __init__(self, iface, bpf_filter):
self.__iface = iface
self.__bpf_filter = bpf_filter
self.__workers_list = None
self.__mgr = Manager(self.__iface, self.data_handler, self.event_handler)
self.__look_for_workers()
self.__assign_channels()
self.__start_workers_interfaces()
def data_handler(self, manager, mac, frame):
"""
It handles all the Wiwo's data frame.
"""
apis_list = api_dict.values()
for api in apis_list:
api.process(mac, frame)
def event_handler(self, event):
"""
It handles the Wiwo manager's event.
"""
pass
def __look_for_workers(self):
"""
It Looks for available workers.
"""
print "Looking for workers..."
self.__mgr.announce_to_worker("\xFF\xFF\xFF\xFF\xFF\xFF")
time.sleep(10) # Require to receive the list of workers. This should be fix on the manager code.
self.__workers_list = self.__mgr.get_workers()
print "Found %d workers." % len(self.__workers_list)
def __assign_channels(self):
"""
Method that prints information from the available workers.
"""
available_channels = self._get_supported_channels_set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
for channel in interface.supported_channels():
if channel in available_channels:
print "Setting %s interface of worker %s to channel %d" % (interface.name(),
worker.mac_address(),
channel)
available_channels.discard(channel)
self.__mgr.set_channel_to_worker_interface(worker.raw_mac_address(),
interface.name(),
channel)
break
def _get_supported_channels_set(self):
"""
Method that returns a set with all supported channels for all available workers.
"""
supported_channels = set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
supported_channels.update(interface.supported_channels())
return set(sorted(supported_channels))
def __start_workers_interfaces(self):
"""
Method that stops monitoring on every available worker.
"""
for worker in self.__workers_list:
for interface in worker.interfaces_list():
self.__mgr.start_worker_interface(worker.raw_mac_address(), interface.name(), self.__bpf_filter)
def stop(self):
"""
It stops workes and processes.
"""
self.__mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(40)
self.__mgr.stop_receiver_processes()
class Injector(object):
"""
Represents a class that process dns queries and send fake dns responses.
"""
MTU = 7981
TIMEOUT = 100 # in milliseconds
def __init__(self, iface_name):
self.__iface_name = iface_name
self.__bpf_filter = "type mgt subtype probe-req"
print "Starting wiwo manager..."
self.__mgr = Manager(self.__iface_name, self.frame_handler,
self.event_handler)
self.__look_for_workers()
if len(self.__workers_list) == 0:
raise NoWorkersException
self.__assign_channels()
self.__start_workers_interfaces()
def __look_for_workers(self):
"""
It looks for available workers.
"""
print "Looking for workers..."
self.__mgr.announce_to_worker()
time.sleep(
10
) # Require to receive the list of workers. This should be fix on the manager code.
self.__workers_list = self.__mgr.get_workers()
print "Found %d workers." % len(self.__workers_list)
def __assign_channels(self):
"""
Method that prints information from the available workers.
"""
available_channels = self._get_supported_channels_set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
for channel in interface.supported_channels():
if channel in available_channels:
print "Setting %s interface of worker %s to channel %d" % (
interface.name(), worker.mac_address(), channel)
available_channels.discard(channel)
self.__mgr.set_channel_to_worker_interface(
worker.raw_mac_address(), interface.name(),
channel)
break
def _get_supported_channels_set(self):
"""
Method that returns a set with all supported channels for all available workers.
"""
supported_channels = set()
for worker in self.__workers_list:
for interface in worker.interfaces_list():
supported_channels.update(interface.supported_channels())
return set(sorted(supported_channels))
def __start_workers_interfaces(self):
"""
Method that stops monitoring on every available worker.
"""
for worker in self.__workers_list:
for interface in worker.interfaces_list():
self.__mgr.start_worker_interface(worker.raw_mac_address(),
interface.name(),
self.__bpf_filter)
def __stop_workers(self):
"""
It stops monitoring wireless traffic on every interface of all the workers.
"""
for worker in self.__workers_list:
self.__mgr.stop_worker_interfaces(worker.raw_mac_address())
def stop(self):
"""
Stop workers and manager.
"""
self.__stop_workers()
time.sleep(30) # Wait for 30 seconds until all workers have stopped.
self.__mgr.stop_receiver_processes()
def frame_handler(self, manager, worker_addr, frame_data):
"""
Inject probe response frames for every probe request frame.
"""
decoder = RadioTapDecoder()
decoder.decode(frame_data)
management_frame = decoder.get_protocol(dot11.Dot11ManagementFrame)
probe_req_frame = decoder.get_protocol(
dot11.Dot11ManagementProbeRequest)
if not probe_req_frame:
return
ssid = probe_req_frame.get_ssid()
if not ssid: # Ignore broadcast SSID
return
station_address = management_frame.get_source_address()
print "Station: %s" % ":".join(
map(lambda i: "%02X" % i, station_address))
print "SSID: %s" % ssid
frame = str()
# Radiotap
frame += "\x00\x00" # Version
frame += "\x0b\x00" # Header Length
frame += "\x04\x0c\x00\x00" # Presence Flags
frame += "\x6c" # Rate
frame += "\x0c" # TX Power
frame += "\x01" # Antenna
# Management Frame
frame += "\x50\x00" # Frame Control
frame += "\x31\x01" # Duration
frame += "".join(chr(i)
for i in station_address) # Destination Address
frame += "\x00\xde\xad\xbe\xef\x00" # Source Address
frame += "\x00\xde\xad\xbe\xef\x00" # BSSID Address
frame += "\x00\x00" # Sequence Control
frame += "\x00\x00\x00\x00\x00\x00\x00\x00" # Timestamp
frame += "\x64\x00" # Beacon Interval
frame += "\x01\x04" # Capabilities
frame += "\x00%s%s" % (struct.pack("B", len(ssid)), ssid) # SSID
frame += "\x01\x08\x82\x84\x8b\x96\x24\x30\x48\x6c" # Supported Rates
frame += "\x03\x01\x0e" # DS parameter set
frame += "\xdd\x06\xfa\xfa\xfa\x00\xde\xad" # Vendor Specific
workers = manager.get_workers()
for worker in workers:
if worker.raw_mac_address() == worker_addr:
break
for iface in worker.interfaces_list():
manager.inject_data_from_worker_interface(worker.raw_mac_address(),
iface.name(), frame)
def event_handler(self, event):
"""
Ignore Wiwo events.
"""
pass
class WiresharkForwarder(object):
"""
Class that handles Wiwo workers to forward traffic to Wireshark.
"""
def __init__(self, iface, bpf_filter):
self.__iface = iface
self.__bpf_filter = bpf_filter
self.__workers_list = None
self.__pipe = None
self.__pipe_path = None
self.__initialize_pipe()
self.__mgr = Manager(self.__iface, self.data_handler, self.event_handler)
self.__looks_for_workers()
self.__assign_channels()
self.__start_workers_interfaces()
def __del__(self):
# TODO: Verify pipe close.
self.__pipe.close()
def stop(self):
"""
Method that stops the Manager instance the way it should be done. This object has several python vm instances
running simultaneous. It also stops all the workers.
"""
self.__mgr.stop_worker_interfaces("\xff\xff\xff\xff\xff\xff")
time.sleep(40)
self.__mgr.stop_receiver_processes()
def __initialize_pipe(self):
"""
Its creates a fifo pipe to communicate with Wireshark.
"""
if platform.uname()[0].lower() == "windows":
self.__initialize_windows_pipe()
else:
self.__initialize_unix_pipe()
def __initialize_windows_pipe(self):
"""
Windows pipe initialization method.
"""
self.__pipe_path = r'\\.\pipe\wireshark'
print "Execute the following command: %r" % "wireshark -k -i %s" % self.__pipe_path
self.__pipe = windows.CreateNamedPipe(self.__pipe_path,
windows.PIPE_ACCESS_OUTBOUND,
windows.PIPE_TYPE_MESSAGE | windows.PIPE_WAIT,
1,
65536,
65536,
300,
None)
if not self.__pipe:
raise Exception("Unable to create pipe using CreateNamedPipe function.")
connected = windows.ConnectNamedPipe(self.__pipe, None)
if connected == 0:
raise Exception("Unable to create pipe using CreateNamedPipe function.")
windows.WriteFile(self.__pipe, "\xd4\xc3\xb2\xa1", 4) # Magic Signature
windows.WriteFile(self.__pipe, "\x02\x00\x04\x00", 4) # Version
windows.WriteFile(self.__pipe, "\x00\x00\x00\x00", 4) # GMT
windows.WriteFile(self.__pipe, "\x00\x00\x00\x00", 4) # GMT
windows.WriteFile(self.__pipe, "\xff\xff\x00\x00", 4) # Snaplen
windows.WriteFile(self.__pipe, "\x7f\x00\x00\x00", 4) # Data link
def __initialize_unix_pipe(self):
"""
Unix pipe initialization method.
"""
tmpdir = tempfile.mkdtemp()
self.__pipe_path = os.path.join(tmpdir, "pipe")
try:
os.mkfifo(self.__pipe_path)
except OSError, e:
raise e
args = ['/usr/bin/wireshark', '-k', '-i', self.__pipe_path]
# print "Executing the following command: %s" % " ".join(args)
proc = subprocess.Popen(args)
self.__pipe = open(self.__pipe_path, "w+")
self.__pipe.write("\xd4\xc3\xb2\xa1") # Magic Signature
self.__pipe.write("\x02\x00\x04\x00") # Version
self.__pipe.write("\x00\x00\x00\x00") # GMT
self.__pipe.write("\x00\x00\x00\x00") # GMT
self.__pipe.write("\xff\xff\x00\x00") # Snaplen
self.__pipe.write("\x7f\x00\x00\x00") # Data link